Secure Connectivity as a Service, Delivered in the Cloud

Product Overview
Enable users to connect quickly and securely to any cloud destination, from anywhere, with iboss cloud
iboss is a cloud security company that provides organizations and their employees fast and secure access to the Internet on any device, from any location, in the cloud. The iboss cloud platform provides network security as a service, delivered in the cloud, as a complete SaaS offering. This eliminates the need for traditional network security appliances, such as firewalls and web gateway proxies, which are ineffective at protecting a cloud-first and mobile world. Leveraging a purpose-built cloud architecture backed by over 190 issued and pending patents and more than 100 points of presence globally, iboss protects more than 4,000 organizations worldwide.
Simply put, any security function that you can perform with a network firewall or web proxy appliance, you can perform with the iboss platform – without the appliances.
- VPN Offload For Work From Home Users
- ZTNA Private Access VPN Replacement
- Eliminate Network Security Appliances
- User and Group Based Policies
- Secure Access Service Edge
- CASB Cloud Application Visibility
- Dedicated Cloud IP Addresses
- The Best Symantec Bluecoat Replacement
- Best Malware Defense
- Extend into Private Cloud
- iboss + FireEye Cloud Network Security
Send Cloud Application Traffic from Remote Users Directly to the Cloud Reducing Load on VPNs and Increasing Remote User Productivity.
Cloud application traffic from remote users is traditionally sent through slow and overloaded VPNs to provide network security for compliance, malware defense and data loss. This typically results in slow connections or down networks preventing users from working effectively in work from home scenarios. The problem is, cloud application traffic should NOT be sent through VPNs. If the traffic is destined to the cloud, why is it being sent back to the office?
With the iboss cloud platform, you can completely offload your VPN connections by sending cloud application traffic directly from work from home users to the cloud. All of the traffic is sent through the iboss cloud platform first, to ensure compliance, malware defense and data loss prevention. This immediately reduces or eliminates load from VPN connections bringing the network back up to normal operation and ensuring users are productive while working from home.
Provides advanced protection to all network file storage, general servers and multi-purpose servers. Ensures servers are stable and conflict-free. Limits restarts and maintenance windows to a minimum to guarantee business continuity.
click here to visit vendor product page>>
Organizations are constantly faced with competitive pressures that force them to adapt their business. While an organization’s technology strategies and resources should keep pace with these changes, the reality is they often lag behind. This creates a gap between how people work and how the IT infrastructure supports them. When the gap becomes too big, many problems arise, including security risks, operational disruption, compliance violations, skyrocketing costs, and poor user experience.
Organizations deploying and using legacy network security appliances to protect cloud connectivity and internet access are faced with these problems today. Mobility, exponential bandwidth growth and cloud application adoption is leading to escalating costs, difficulty in securing users outside of the traditional network perimeter, and loss of end user productivity due to slow connections resulting from forcing traffic for remote workers through corporate networks. The physical network perimeter has eroded making devices the new network perimeter. Users can work from anywhere and need fast and secure connections to all cloud resources regardless of location.
The shift to a Zero Trust network architecture allows organizations to ensure fast compliant and secure connections from any location. Because users are always connected through the cloud network security service, access to cloud applications and resources can be granted based on who the user is, including the user’s role within an organization. These resources can be public or private. Public resources might include Microsoft Office 365, while private resources are those that are typically behind a firewall or within a corporate network. The iboss cloud network security service is connected to all resources and makes decisions on which resources a user might have access based on user identity.
click here to visit vendor product page>>
The iboss cloud provides a sustainable and strategic path for providing network security by transitioning network security functions from firewall and proxy appliances to a SaaS delivered network security in the cloud
Migrating from traditional on-prem network security appliances, such as firewalls and proxies, to a Security as a Service network platform delivered in the cloud can seem like a daunting and risky task. The security policies that have been created over decades within the network security appliance-based platform may seem extensive and possibly even convoluted.
In addition, transitions in staff may have resulted in a loss of understanding of all of the gateway appliance rules and infrastructure that are in place. With iboss cloud, migrating from on-prem network security appliances to network security in the cloud is easily accomplished. All of the network security features and capabilities transition to the cloud, and the only thing left behind are the appliances.
To transition successfully to a cloud-based network security platform, the cloud platform must be capable of supporting the vast set of network security functions and user-based policies that the on-prem solution supports. That includes all complex web proxy policy sets that might be in place. The iboss cloud has an extensive set of security policies that not only meet, but exceed the capabilities of appliance-based solutions that were designed in the pre-cloud era. When migrating to the iboss cloud, all policies including malware defense rules are migrated easily. The 100% API-based platform allows automation and the effective transfer of policy sets into the iboss cloud platform. In addition, iboss will support you in migrating complex policy sets as virtually all types of network security appliance types, including on-prem web gateway proxies, have been migrated to the iboss cloud.
click here to visit vendor product page>>
Flexible policies can be created to increase productivity while ensuring security
User and group based policies provide the flexibility to create differentiated role-based Internet access allowing users to be productive and secure
Each department within an organization typically needs varying levels of Internet access depending what the job entails. The ability for IT administrators to create tailored web access roles to enable productivity while ensuring compliance and security is critical. A single one size fits all policy is not only overly prohibitive but also reduces productivity. The iboss cloud allows for the creation of varying policies depending on which user is accessing the Internet. This ensures the user can accomplish what they are trying to achieve online while remaining secure from malware and other threats on the Internet.
These policies are automatically assigned to users so they are seamlessly assigned ensuring low friction and a great user experience. In addition, the policies can be tied to Active Directory Security Groups or Organizational Units to simplify the assignment of policies to users within the organization. In addition, SAML can be used to tie users to specific policies based on user or group membership.
click here to visit vendor product page>>
The most advanced SASE and Zero Trust platform that allows users to work from anywhere with fast and secure connections to all cloud applications .
click here to visit vendor product page>>
The iboss cloud platform delivers the CASB capabilities and features you need to reduce risk while users access cloud applications
The ability to apply fine grained controls and gain visibility into cloud application use is critical with the move of applications to the cloud. The iboss cloud is the gateway to the cloud giving it the ability to control cloud applications and provide visibility into cloud application use. Cloud application controls are extensive and range from Facebook, to Google to Microsoft. This includes making Facebook read-only, ensuring access to Google Drive is corporate only and leveraging Microsoft Office 365 Tenant restrictions.
Control cloud applications such as Facebook, LinkedIn and Twitter to ensure compliance
The iboss cloud includes extensive cloud application controls spanning applications such as Spotify, Pinterest, Facebook, Twitter, LinkedIn, and Search Engines. The policies can be applied on a per user or per group basis to prevent actions such as posting sensitive information to social media sites which violate PCI and HIPAA compliance. In addition, visibility into applications is provided in detailed real-time dashboards and drill down reports. Since iboss cloud lives in the cloud, controls and visibility is applied to all users in regardless location.
Extensive Google application controls including YouTube and Google Drive
Application controls span the suite of Google Apps, including Google Drive. This includes enforcing Safe Search on Google to reduce liability and ensure compliance as well as controls across the vast suite of Google Applications. Applications include Google Cloudprint, Google Trends, Google Research, Google Wallet, Google Maps, Google Translation, Shopping, Google Groups, Google Play, Google Video, Google Sites, Gmail and Google Earth. In addition, Gmail, Google Drive, Google Docs, Google Plus, Google Groups and Google Sites can be restricted to only company use by restricting access to the registered G-Suite company domain.
Gen-3 CASB Protection Prevents Data Loss from Shadow IT
The iboss cloud provides the most powerful Gen-3 CASB on the market, ensuring data transfers from devices are controlled and remain within corporate owned cloud accounts. For example, if a user is accessing Office 365 from the office or at home, data transfers from the device are forced into the corporate owned office 365 account. For Google services, such as Google Drive, file uploads can be forced to the organization’s Google Drive account instead of a personal use Google Drive account. Slack can also be controlled so that the use of messaging remains within the corporate Slack account. Gen-3 CASB prevents data loss and shadow IT by controlling the network data from the device to destinations in the cloud. Gen-3 CASB protects what legacy CASB technology misses by ensuring all network transfers end up in the right place in the cloud.
click here to visit vendor product page>>
When traffic leaves an organization’s network destined to the cloud, the source IP Address of that traffic is uniquely associated with the organization. These addresses are typically assigned by the Internet Service Provider to the organization. This IP is used to restrict access to portals and connect to back-office networks.
The unique association between the source IP Address and an organization’s identity on the Internet has become an important aspect for integration due it’s use by IT departments to connect vendors and technology integrations. IT teams provide these IP Addresses to third-parties to connect the organization’s network and provide access to the resources provided by the third-party.
When moving to a cloud-based gateway platform, typically the ability to maintain unique source IP presence in the cloud is lost. For example, if a user is mobile and being protected at a coffee shop, as they access the Internet, the outside world may not see that user as belonging to the organization because the source IP is mapped to the coffee shop and not the organization itself. This can be challenging and put IT departments in a predicament as they look at migrating from on-prem Web Gateway appliances to a cloud-based gateway platform.
With the iboss cloud, each customer gets dedicated source cloud IP Addresses which are associated with the organization. Because of this, any data traversing the global cloud gateways in iboss cloud will have a uniquely associated IP Address that can be mapped to the organization. This means that users always appear to be accessing the Internet from within the organization regardless of whether they’re in the office or on the road. This preserves the critical connectivity requirements that IT departments need when migrating to a cloud gateway platform.
click here to visit vendor product page>>
Proxy appliances were not designed for the modern, cloud-driven, world. They were designed to protect network traffic for users within offices, yet those users are working from home. They were designed to handle a predefined amount of network traffic, yet the volume of traffic is increasing exponentially by the day. Network proxy appliances were designed to decrypt and inspect limited amounts of encrypted HTTPS traffic. However, over 99% of all browsing time is over encrypted HTTPS connections according to the Google HTTPS Transparency Report. Proxy appliances were not designed for the cloud driven and mobile world. Switching to iboss ensures you get all of the network security capabilities found in proxy appliances, without the appliances and at infinite scale. This reduces infrastructure costs, reduces labor and is designed for the work from home and mobile future.
The iboss Platform is Designed for Mobile and Work from Home Users
Users are not sitting behind the Bluecoat proxy appliances. They are working remotely, from home. If the network traffic does not traverse the Bluecoat appliances, it cannot inspect or protect that data. Because of this, organizations leveraging on-prem proxy appliances, like Bluecoat, are forced to send network data from remote users through slow VPN connections to provide network security. This is unsustainable and results in slow connections which reduces productivity and increases costs.
The iboss cloud platform provides all of the capabilities found in traditional and legacy Bluecoat appliances, except without the gear. It allows network data from remote users to be secured directly in the cloud, eliminating the unnecessary data backhaul through VPN connections. This results in fast connections, increased end-user productivity and reduced costs.
The iboss Platform Performs HTTPS Decryption at Scale
Over 99% of all browsing time is over encrypted HTTPS connections, according to the Google HTTPS Transparency Report. Proxy appliances have compute and processing limitations and require a lot of hardware to handle the high volume of HTTPS traffic. This is extremely costly and typically results in extremely slow connections and the need to expand data center footprints.
The iboss cloud runs as a complete SaaS offering in the cloud. It has infinite computing power to decrypt any volume of traffic, without increasing costs. As encrypted traffic increases, your costs do not as iboss will process, decrypt and inspect all traffic automatically. This includes the large volumes of traffic from remote work from home users.
Bluecoat Proxy Appliances Leave Cybersecurity Blindspots as Users Work From Home
If the network traffic is not traversing the Bluecoat, it cannot provide the protection or generate the log events that provide cybersecurity teams the visibility they need to enforce compliance, prevent malware and eliminate data loss. The appliances are only capable of inspecting traffic within the office.
With iboss cloud, all network traffic is always inspected before going to the cloud, regardless of user location. This includes protection for users in the office and those working from home. It can also generate the log events and drill down reports needed to ensure a strong cybersecurity posture for all users, from all locations, at all times. In addition, the iboss cloud can force network traffic to business applications while preventing traffic to personal cloud accounts, such as Google Drive. This reduces shadow IT and data loss from users, including those that work from home.
The iboss platform offers a 100% drop in replacement for Bluecoat proxy appliances converting a data center from simply hosting legacy proxy appliances to becoming a private cloud Point of Presence. The private cloud is linked to the global iboss cloud and immediately converts Bluecoat appliances to a modern private cloud extension of the iboss cloud global footprint.
click here to visit vendor product page>>
Top-ranked malware engines and feeds are also included in the iboss cloud malware defense package to provide defense-in-depth protection by leveraging leading Cybersecurity companies and cutting edge malware defense technology.
There is no single Cybersecurity strategy or solution that can prevent all malware. The combination of various techniques and approaches are required to ensure the most comprehensive protection is applied to user Internet connectivity.
There are core categories of protection that can be applied to ensure secure connectivity between users and the cloud.
Malware Engines are able to decompose entire files, web pages and content and inspect them for malicious threats. Next-gen anti-malware engines capable of analyzing files are critical for protection that goes beyond firewall packets and streams.
Threat feeds contain signatures, destination and content used to determine whether an Internet transaction is malicious or is originating from an infected device. These feeds contain various types of signatures including phishing destinations, Botnet Command and Control (CnC) destinations and file signatures. Many of these feeds are created by sophisticated threat research teams, like Verizon Managed Security Services which deals with over 1 million incidents per day and has visibility into over 80% of the world’s Internet traffic. The ability to apply threat feeds to the data the cloud gateways are processing results in applying the millions of daily man hours of security intelligence to protect users from daily evolving threats.
Log analytics intelligence allow the ability to distill the millions of log events that occur daily into meaningful insight that administrators can understand. In addition, user behavioral analytics signal when something is wrong not when an infection occurs, but when user behavior changes. This user behavioral changes can be due to malware hijacking user credentials or insider threats. The iboss cloud generates log events for all cloud activity, malware events and DLP alerts which can all be analyzed by iboss intelligence as well as integrated third-party intelligence.
click here to visit vendor product page>>
The design of the iboss cloud allows the cloud to extend seamlessly into an optional private cloud point of presence
In some cases customers have data center capacity and would like to extend the iboss cloud into a private cloud. When this occurs, the customer creates a private cloud Point Of Presence (POP) and iboss cloud extends naturally into the private cloud adding one more POP to it’s global data center footprint. The private cloud only services the particular customer and is dedicated capacity for that customer. Everything needed to create a private cloud POP is provided by iboss. The containerized architecture of iboss cloud makes this seamless as iboss provides containerized gateway capacity that runs within the customer’s data center. Because the private cloud is just an extension of the global iboss cloud, any policies or controls configured within iboss cloud will automatically extend into the private cloud POP. The private cloud becomes part of the iboss cloud extending it to private points of presence. This provides the consistency in security and user experience necessary when extending the cloud into your headquarters or corporate data centers. All private cloud capacity is provided by iboss which reduces costs and simplifies deployment. Extending into a private cloud is completely optional but is available when needed.
click here to visit vendor product page>>
The traditional network perimeter is eroding while end users and devices are increasingly accessing data remotely. In addition, most organization’s data resides across multiple clouds, making it more difficult to secure.
In order to protect end traffic, users, devices, networks, assets, and data and from known and unknown threats in this new environment, organizations need a multi-vector defense to ensure all devices and users are protected regardless of location. iboss + FireEye Cloud Network Security provides advanced threat protection and data breach prevention through the cloud regardless of the end user’s location or form factor (desktop, laptop, tablet, server, IoT, and other mobile devices).
click here to visit vendor product page>>
cloud security Network Security As A Service
Target Industries
Government
Telecoms
Oil & Gas
Hospitality
Financial
Education
iboss Distribution Team
If you are interested in iboss products and solutions, or would like to find out more, contact our iboss distribution team